Another iPhone, Another Imbroglio

There are worse companies in the world than AT&T. It’s not like theymanufacture landmines or refused to recall dangerous cars orsomething. But screw up one little launch of a beloved Apple gadget(or maybe two, or four), and all of a sudden everyone wants you toline up right behind BP and listen to a congressman tell you to killyourself.

iPhone pre-order day came and went this week, and from all theaccounts I’ve read, it was a total disaster. Yes, lots of people didmanage to squeeze in an order in time, and they’ll get their iPhoneson the official release date of June 24. Apple says it’s ready to fill600,000 pre-orders, assuming nothing else goes to hell between now andthen.

But as a whole, the IT systems AT&T and Apple used for thepre-order rush were simply not able to handle the demand. Customersreported incredibly long waits online, crashing sites, slow lines instores, screw-ups that overcharged people, and bungled credit cardtransactions. Some retail employees at AT&T got so fed up with thecomputer systems that they started taking orders down by hand in orderto punch them into the machines later when they might start working again. “A” for effort, I guess.

In fact, demand was so high that by Wednesday, Apple had startedmoving back its promise date on new pre-orders. Those who didn’t hopto it on Tuesday morning will have to wait until early July. And AT&Tjust plain stopped taking pre-orders altogether. As embarrassing as itis to not be able to handle a bunch of customers who arethrowing money at you, I suppose it’s one of the more desirableproblems for a company to have. Same goes for everyone who hadproblems getting their orders through — if this is the kind of thingyou can afford to spend time being mad about, then believe it or not,you’re an extremely comfortable human being.

But some AT&T customers say they have more to be angry about than justhaving to wait longer for a new toy. As the carrier’s systems were inthe process of melting down Tuesday, the blog Gizmodo reported on somestrange AT&T website behavior. Some users said they were being chargedfor multiple phones after buying just one; at least one said he hadhis contract renewed without securing a deal on a new phone. Thereally weird one: Some users said that when they tried to log on toAT&T’s site using their usual names and passwords, they were taken tosomeone else’s account and had access to a lot of that stranger’sinformation. An unnamed inside source at AT&T reportedly told the blogthat it was the result of an improperly tested anti-fraud system updatethat was installed last weekend — just in time to crash and burn inthe most spectacular way possible.

Listen to the podcast (12:37 minutes).

---

Game On

E3 took place this week, giving video game makers the chance toimpress us with even more sequels to the two-dozen-or-so gamefranchises that manage to make money, as well as the latest gimmickyadd-ons designed to squeeze another few years of hardware sales out oftheir systems.

First up was Microsoft, which again demoed its triumph in flail-basedgaming, the Kinect. This used to be known as “Project Natal,” and itconsists of an array of sensors you set on top of your TV and connectto the Xbox 360. It watches your movements and listens to your voice,and suddenly you’re able to play games without holding a controller.

But Kinect will only work with games designed specifically for thesystem, so sorry, you can’t mime your way through “Halo 3” just yet.The day-one game lineup for the Kinect looks pretty heavy on thefitness, sports and dancing genres, so roll out the plastic sheeting –things are gonna get sweaty. The Kinect will hit stores on Nov. 4, butno price has yet been named.

Microsoft also took the chance to roll out a new version of the Xbox360 itself. It’s small, it’s glossy black, and it finally has built-inWiFi, though still no Blu-ray support.

Next at bat was Nintendo, which finally showed us what thisglasses-free 3-D thing is all about. Its new 3DS handheld system willplay certain titles that appear in 3-D, just as long as you look atthe screen head-on. IDC’s Louis Ward got his hands on one, and he toldus he thinks it looks impressive. No pricing or release dates wereannounced, though, so when you’ll be able to see for yourself is stilla mystery. 3DS titles will include new entries from series like “Zelda,” “Donkey Kong” and “Star Fox.”

3DS was pretty much the biggest thing happening in Nintendo’s hardwareuniverse. In software, the company’s big plan is to take somedecade-old meat out of the fridge, reheat it, and serve it up for theWii. It’s reworking crusty old titles like “Goldeneye” to play on itsmotion-controlled console.

It’s not exactly a show-stealing announcement, but it got a fair roundof cheers. Some of these games were prime rib back in the day, andthey’re still fun, right? The Enderle Group’s Rob Enderle says thiswasn’t such a great idea because these old games don’t play to theWii’s strengths, like motion-control hardware and sports titles.

IDC’s Ward was a bit more optimistic. He told us, “These titlesstill have a relatively loyal fan base, and people don’t forget aboutthem as quickly as games on other platforms. It remains to be seen howthis will play out with regard to marketing.”

Finally, Sony got its chance in the spotlight when itrevealed dates and prices for its own Wii me-too controller, the Move– that’s Sept. 19 in North America, starting at US$50 for thebare-minimum set.

Looking much further ahead into the future, Sony’s big plans are allabout 3-D gaming. But unlike other gimmicks meant to keep an existingconsole on the feeding tube for a few more years, getting 3-D on aPlayStation will not require you to buy a new $200 peripheral alongwith a bunch of new games. Nope, you’ll just have to buy a $4,000 3-DTV — and a bunch of new games. All the PlayStation 3s on the marketright now are physically capable of going 3-D; they just need asoftware update from Sony to get going. But unless you have a bright,shiny, 3-D TV to play it on, you won’t get very far.

With this 3-D push, Sony’s placing a big bet on the future. Right now,only the freakiest of gadget freaks has a 3-D TV. But give it two orthree years. Prices will come down, more content will be madeavailable, and more and more people will opt to splurge for the 3-D TVwhen they get around to replacing what’s in their living rooms rightnow. When that day comes, Sony figures it will already have that basecovered, and it doesn’t hurt that the company also has a line of 3-DTVs they’d love to sell you.

The situation is a little bit of deja vu from a half-decade ago.That’s when Sony first showed the PlayStation 3, and back then it wasa ridiculous product in terms of power and price. Michael Goodman atMercury Media told us, “It was a $600 unit that did everythingbut sit up and chew gum. The problem was, they designed it for 2010and launched it in 2006. Given the marketplace and penetration ofHDTVs and broadband and over-the-box content, the PS3 is a wonderfulproduct for this time. But in 2005, it was way ahead of the game.”

So this betting-on-the-future play is something Sony’s tried before –could it be called a success yet? The PlayStation 3’s a respectableplatform, and it has the Blu-ray advantage, but in terms of sales,it’s still the runt.

Fair Warning?

In software security research, there’s a fine line between hero andjackass. Imagine you’re a security researcher who’s just found a holein another company’s product. If necessary, also imagine that you’renot a criminal who wants to take advantage of the flaw to steal stuff.

You’ll want to tell the vendor about the hole you found so they canpatch it. But you’ll also want them to hurry up about it, both becauseit’s putting users in danger and because being the guy to call out arecognized and patched flaw looks good on your resume.

The leverage you have is giving them a deadline: I’m going to gopublic with this flaw in X days, regardless of whether or not you’vepatched it. What’s the value of X? That’s your shot to call, but ifyour intention really is to get the hole plugged, you should give thevendor a reasonable amount of time to do that.

That’s why Google researcher Tavis Ormandy has shot to the top ofMicrosoft’s list of most annoying people. He spotted a flaw in WindowsXP and Server 2003, and just four days after he delivered theinformation to Redmond, he went public with the flaw as well as aproof-of-concept exploit.

According to Microsoft’s Jerry Bryant, going public after just a halfa week is beyond the pale, and it’s put Windows users at risk. He toldus, “typically and on average the finders give thevendor 30 days. Even the most aggressive finders give the vendors atleast 14 days.”

Wolfgang Kandek at Qualys more or less agreed, citing a flaw that wasdiscovered at the hacker contest CanSecWest a few months ago. Hackersthere found a common bug in all the major browsers, and even thefastest to respond, Mozilla Firefox, took 10 days.

But Microsoft’s a big company with lots of resources, so if there’s afire this hot under their butts, they should be able to pull somethingtogether pronto, right? Perhaps, but it does take time to make sureyour fix doesn’t break something else in one of your related products,and when you have a catalog as extensive as Microsoft’s that’s a wholelot of testing.

Panda Security’s Sean-Paul Correll told us, “If you look atresponsible disclosure, you’ll see a time frame of about five monthsgiven to vendors to fix issues. In Microsoft’s case, the protocolsinvolved are used through its products, and it has to make sure thesolutions it provides are cross-compatible. They’ve got to make surethe fix doesn’t break the product elsewhere.”

Yard Sale

If I were one of the thousands of people that AOL laid off in Fall of 2007, I guess my reaction to this story would be described as a schadenfreude sundae: one scoop of old and fermented rage, two scoops of fresh vindication, and a nice drizzle of smug on top.

Back in 2008 — about half a year after cutting more than 2,000 people from its workforce — AOL scrounged up $850 million for Bebo, a social networking site that was very popular in the UK. The idea was to turn AOL into what Bebo’s then-CEO Randy Falco called “a social media powerhouse.” Can’t blame him for dreaming big at the time — back then, Facebook didn’t own the scene to the degree it does now, and Bebo was seen as a fit contender for the crown.

But once AOL got its hands on Bebo, it basically left it to gather dust in the garage. According to Andre Zdanow, a market strategist with Charles Vista, AOL has been trying to reposition itself since its high times in the dial-up Internet era, and Bebo was just one more abortive attempt. “Look at what Facebook has done — it continually revamps itself. That is what social networks do to stay relevant. AOL didn’t do that with Bebo.”

Greg Sterling at Sterling Market Intelligence said AOL could have at least tried something interesting with Bebo — reinvented it as a mobile-only network, for example, or used some of its platform tools to differentiate it.

But instead, Bebo just sat there, losing value every day. How much value? Possibly more than $1 million every 24 hours. This week, AOL sold Bebo to private equity fund Criterion Capital Partners, and the rumored sale price is $10 million, or 840 million less than AOL thought it was worth about 820 days ago.

Which Phone Will Make Me a Superhero?

Busybody nanny-staters are once again out to take all the ignorantly blissful joy out of life, just like they did with cigarettes, fast-food calorie levels, red dye #2 and medicinal mercury. Their latest target is the warm, soft radiation we get from our cellphones.

They’ve stopped short of ordering us all to carry our smartphones around in lead cases. Instead, San Francisco’s board of supervisors has approved a measure that would require retailers to display exactly how much radiation is emitted by each phone they sell. Mayor Gavin Newsom is a known proponent of the measure, so he’ll most likely sign it into law.

The measurement standard used under the proposal is SAR, or specific absorption rate. As far as the Federal Communications Commission is concerned, the maximum legal SAR level is 1.6. If a phone runs at that level or less, it’s kosher. Under this proposed law, though, consumers would have the chance to see how some phones are kosher-er than others.

That’s why the wireless industry has lobbied against the measure. Speaking for CTIA, John Walls told us, “It suggests that some phones are safer than others, which is contrary to the FCC standard. All devices have to comply with FCC safety standards, and studies show that one compliant phone is not ‘safer’ than another.”

Vying for the proposal is the Environmental Working Group, which says that even that max SAR level of 1.6 leaves a wide range of radiation levels open, and having phones’ specific stats in front of consumers at the point of sale may lead to pressure on device manufacturers to make their phones a little less brain-nukey.